mirror of https://github.com/apache/jclouds.git
vcloud-director 1.5: adding tests of unlockUser
This commit is contained in:
parent
ea382b9f9e
commit
deeaa675bb
|
@ -24,6 +24,7 @@ import java.net.URI;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
|
|
||||||
import org.jclouds.vcloud.director.v1_5.VCloudDirectorClient;
|
import org.jclouds.vcloud.director.v1_5.VCloudDirectorClient;
|
||||||
|
import org.jclouds.vcloud.director.v1_5.VCloudDirectorException;
|
||||||
import org.jclouds.vcloud.director.v1_5.VCloudDirectorMediaType;
|
import org.jclouds.vcloud.director.v1_5.VCloudDirectorMediaType;
|
||||||
import org.jclouds.vcloud.director.v1_5.domain.Link;
|
import org.jclouds.vcloud.director.v1_5.domain.Link;
|
||||||
import org.jclouds.vcloud.director.v1_5.domain.Reference;
|
import org.jclouds.vcloud.director.v1_5.domain.Reference;
|
||||||
|
@ -172,8 +173,6 @@ public class UserClientExpectTest extends BaseVCloudDirectorRestClientExpectTest
|
||||||
.build();
|
.build();
|
||||||
}
|
}
|
||||||
|
|
||||||
// POST /admin/user/{id}/action/unlock
|
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testDeleteUser() {
|
public void testDeleteUser() {
|
||||||
VCloudDirectorClient client = requestsSendResponses(loginRequest, sessionResponse,
|
VCloudDirectorClient client = requestsSendResponses(loginRequest, sessionResponse,
|
||||||
|
@ -186,4 +185,32 @@ public class UserClientExpectTest extends BaseVCloudDirectorRestClientExpectTest
|
||||||
|
|
||||||
client.getUserClient().deleteUser(userRef.getHref());
|
client.getUserClient().deleteUser(userRef.getHref());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testUnlockUser() {
|
||||||
|
VCloudDirectorClient client = requestsSendResponses(loginRequest, sessionResponse,
|
||||||
|
new VcloudHttpRequestPrimer()
|
||||||
|
.apiCommand("POST", "/admin/user/b37223f3-8792-477a-820f-334998f61cd6/action/unlock")
|
||||||
|
.acceptAnyMedia()
|
||||||
|
.httpRequestBuilder().build(),
|
||||||
|
new VcloudHttpResponsePrimer()
|
||||||
|
.httpResponseBuilder().statusCode(204).build());
|
||||||
|
|
||||||
|
client.getUserClient().unlockUser(userRef.getHref());
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test(expectedExceptions = VCloudDirectorException.class)
|
||||||
|
public void testUnlockUserFailNotFound() {
|
||||||
|
VCloudDirectorClient client = requestsSendResponses(loginRequest, sessionResponse,
|
||||||
|
new VcloudHttpRequestPrimer()
|
||||||
|
.apiCommand("POST", "/admin/user/b37223f3-8792-477a-820f-334998f61cd6/action/unlock")
|
||||||
|
.acceptAnyMedia()
|
||||||
|
.httpRequestBuilder().build(),
|
||||||
|
new VcloudHttpResponsePrimer()
|
||||||
|
.httpResponseBuilder().statusCode(403)
|
||||||
|
.payload(payloadFromResourceWithContentType("/org/error400.xml", VCloudDirectorMediaType.ERROR))
|
||||||
|
.build());
|
||||||
|
|
||||||
|
client.getUserClient().unlockUser(userRef.getHref());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -21,17 +21,24 @@ package org.jclouds.vcloud.director.v1_5.features;
|
||||||
import static com.google.common.base.Objects.equal;
|
import static com.google.common.base.Objects.equal;
|
||||||
import static org.jclouds.vcloud.director.v1_5.VCloudDirectorLiveTestConstants.OBJ_FIELD_UPDATABLE;
|
import static org.jclouds.vcloud.director.v1_5.VCloudDirectorLiveTestConstants.OBJ_FIELD_UPDATABLE;
|
||||||
import static org.testng.Assert.assertEquals;
|
import static org.testng.Assert.assertEquals;
|
||||||
|
import static org.testng.Assert.assertNotNull;
|
||||||
import static org.testng.Assert.assertTrue;
|
import static org.testng.Assert.assertTrue;
|
||||||
import static org.testng.Assert.fail;
|
import static org.testng.Assert.fail;
|
||||||
|
import static org.testng.AssertJUnit.assertFalse;
|
||||||
|
|
||||||
import java.net.URI;
|
import java.net.URI;
|
||||||
|
|
||||||
|
import org.jclouds.rest.AuthorizationException;
|
||||||
import org.jclouds.vcloud.director.v1_5.VCloudDirectorException;
|
import org.jclouds.vcloud.director.v1_5.VCloudDirectorException;
|
||||||
import org.jclouds.vcloud.director.v1_5.domain.Checks;
|
import org.jclouds.vcloud.director.v1_5.domain.Checks;
|
||||||
import org.jclouds.vcloud.director.v1_5.domain.Error;
|
import org.jclouds.vcloud.director.v1_5.domain.Error;
|
||||||
|
import org.jclouds.vcloud.director.v1_5.domain.OrgPasswordPolicySettings;
|
||||||
import org.jclouds.vcloud.director.v1_5.domain.Reference;
|
import org.jclouds.vcloud.director.v1_5.domain.Reference;
|
||||||
|
import org.jclouds.vcloud.director.v1_5.domain.SessionWithToken;
|
||||||
import org.jclouds.vcloud.director.v1_5.domain.User;
|
import org.jclouds.vcloud.director.v1_5.domain.User;
|
||||||
import org.jclouds.vcloud.director.v1_5.internal.BaseVCloudDirectorClientLiveTest;
|
import org.jclouds.vcloud.director.v1_5.internal.BaseVCloudDirectorClientLiveTest;
|
||||||
|
import org.jclouds.vcloud.director.v1_5.login.SessionClient;
|
||||||
|
import org.testng.AssertJUnit;
|
||||||
import org.testng.annotations.AfterClass;
|
import org.testng.annotations.AfterClass;
|
||||||
import org.testng.annotations.BeforeClass;
|
import org.testng.annotations.BeforeClass;
|
||||||
import org.testng.annotations.Test;
|
import org.testng.annotations.Test;
|
||||||
|
@ -39,7 +46,7 @@ import org.testng.annotations.Test;
|
||||||
import com.google.common.collect.Iterables;
|
import com.google.common.collect.Iterables;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tests live behavior of {@link AdminGroupClient}.
|
* Tests live behavior of {@link UserClient}.
|
||||||
*
|
*
|
||||||
* @author danikov
|
* @author danikov
|
||||||
*/
|
*/
|
||||||
|
@ -166,27 +173,68 @@ public class UserClientLiveTest extends BaseVCloudDirectorClientLiveTest {
|
||||||
assertTrue(equal(user.getDeployedVmQuota(), newUser.getDeployedVmQuota()),
|
assertTrue(equal(user.getDeployedVmQuota(), newUser.getDeployedVmQuota()),
|
||||||
String.format(OBJ_FIELD_UPDATABLE, USER, "deployedVmQuota"));
|
String.format(OBJ_FIELD_UPDATABLE, USER, "deployedVmQuota"));
|
||||||
|
|
||||||
// TODO: assert password is changed with session client?
|
// session client isn't typically exposed to the user, as it is implicit
|
||||||
|
SessionClient sessionClient = context.utils().injector().getInstance(SessionClient.class);
|
||||||
|
|
||||||
|
// Check the user can really login with the changed password
|
||||||
|
// NOTE: the password is NOT returned in the User object returned from the server
|
||||||
|
SessionWithToken sessionWithToken = sessionClient.loginUserInOrgWithPassword(URI.create(endpoint + "/sessions"), user.getName(), orgRef.getName(), "newPassword");
|
||||||
|
assertNotNull(sessionWithToken.getToken());
|
||||||
|
sessionClient.logoutSessionWithToken(sessionWithToken.getSession().getHref(), sessionWithToken.getToken());
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test(testName = "POST /admin/user/{id}/action/unlock",
|
@Test(testName = "POST /admin/user/{id}/action/unlock", dependsOnMethods = { "testUpdateUser" })
|
||||||
dependsOnMethods = { "testUpdateUser" }, enabled=false )
|
|
||||||
public void testUnlockUser() {
|
public void testUnlockUser() {
|
||||||
// FIXME Need to simulate failed login, to lock the account?
|
// Need to know how many times to fail login to lock account
|
||||||
//
|
AdminOrgClient adminOrgClient = context.getApi().getAdminOrgClient();
|
||||||
// UserType.isLocked states:
|
OrgPasswordPolicySettings settingsToRevertTo = null;
|
||||||
// This flag is set if the user account has been locked due to too many invalid login attempts.
|
|
||||||
// A locked user account can be re-enabled by updating the user with this flag set to false.
|
|
||||||
// (However, the account cannot be manually locked by setting it to true - setting this flag is
|
|
||||||
// only done by the login process).
|
|
||||||
|
|
||||||
//TODO: check previous tests a) enabled lockout, b) set password
|
// session client isn't typically exposed to the user, as it is implicit
|
||||||
//TODO: attempt too many times with the wrong password
|
SessionClient sessionClient = context.utils().injector().getInstance(SessionClient.class);
|
||||||
//TODO: verify access is denied
|
|
||||||
//TODO: unlock user
|
|
||||||
//TODO: verify access is renewed
|
|
||||||
|
|
||||||
throw new UnsupportedOperationException("Test not yet implemented; need to first cause account to be locked");
|
OrgPasswordPolicySettings settings = adminOrgClient.getSettings(orgRef.getHref()).getPasswordPolicy();
|
||||||
|
assertNotNull(settings);
|
||||||
|
|
||||||
|
// Adjust account settings so we can lock the account - be careful to not set invalidLoginsBeforeLockout too low!
|
||||||
|
if (!settings.isAccountLockoutEnabled()) {
|
||||||
|
settingsToRevertTo = settings;
|
||||||
|
settings = settings.toBuilder().accountLockoutEnabled(true).invalidLoginsBeforeLockout(5).build();
|
||||||
|
settings = adminOrgClient.updatePasswordPolicy(orgRef.getHref(), settings);
|
||||||
|
}
|
||||||
|
|
||||||
|
assertTrue(settings.isAccountLockoutEnabled());
|
||||||
|
|
||||||
|
for (int i=0; i<settings.getInvalidLoginsBeforeLockout()+1; i++) {
|
||||||
|
try {
|
||||||
|
sessionClient.loginUserInOrgWithPassword(URI.create(endpoint + "/sessions"), user.getName(), orgRef.getName(), "wrongpassword!");
|
||||||
|
fail("Managed to login using the wrong password!");
|
||||||
|
} catch(AuthorizationException ex) {
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
user = userClient.getUser(user.getHref());
|
||||||
|
assertTrue(user.isLocked());
|
||||||
|
|
||||||
|
try {
|
||||||
|
sessionClient.loginUserInOrgWithPassword(URI.create(endpoint + "/sessions"), user.getName(), orgRef.getName(), "newPassword");
|
||||||
|
fail("Managed to login to locked account!");
|
||||||
|
} catch(AuthorizationException ex) {
|
||||||
|
}
|
||||||
|
|
||||||
|
userClient.unlockUser(user.getHref());
|
||||||
|
|
||||||
|
user = userClient.getUser(user.getHref());
|
||||||
|
assertFalse(user.isLocked());
|
||||||
|
|
||||||
|
// Double-check the user can now login again
|
||||||
|
SessionWithToken sessionWithToken = sessionClient.loginUserInOrgWithPassword(URI.create(endpoint + "/sessions"), user.getName(), orgRef.getName(), "newPassword");
|
||||||
|
assertNotNull(sessionWithToken.getToken());
|
||||||
|
sessionClient.logoutSessionWithToken(sessionWithToken.getSession().getHref(), sessionWithToken.getToken());
|
||||||
|
|
||||||
|
// Return account settings to the previous values, if necessary
|
||||||
|
if (settingsToRevertTo != null) {
|
||||||
|
adminOrgClient.updatePasswordPolicy(orgRef.getHref(), settingsToRevertTo);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test(testName = "DELETE /admin/user/{id}",
|
@Test(testName = "DELETE /admin/user/{id}",
|
||||||
|
|
Loading…
Reference in New Issue